Datasheet

ManualsBrandsHewlett Packard Enterprise ManualsNetworkingJG091A

•

IEEE 802.3ad Link Aggregation Control

Protocol (LACP): supports up to 26 trunks, each

with 8 links per trunk; supports static or dynamic

groups

•

Smart link: allows 50 ms failover between links

•

Intelligent Resilient Framework (IRF): creates

virtual resilient switching fabrics, where two or more

switches perform as a single Layer 2 switch, Layer 3

router; switches do not have to be co-located and

can be part of a disaster recovery system; servers or

switches can be attached using standard LACP for

automatic load-balancing and high availability;

simplifies network operation by eliminating the

complexity of Spanning Tree, Equal-Cost Multipath

(ECMP), or VRRP

Layer 2 switching

•

8K MAC address table: provides access to

many Layer 2 devices

•

VLAN support and tagging: support IEEE

802.1Q, with 4094 simultaneous VLAN IDs

•

IP multicast snooping: automatically prevents

flooding of IP multicast traffic

•

IGMP and MLD snooping: effectively control

and manage the flooding of multicast packets in a

Layer 2 network

Layer 3 services

•

Address Resolution Protocol (ARP):

determines the MAC address of another IP host in

the same subnet; supports static ARPs; gratuitous

ARP allows detection of duplicate IP addresses

•

Dynamic Host Configuration Protocol

(DHCP): simplifies the management of large IP

networks; supports client; DHCP Relay enables

DHCP operation across subnets

•

Loopback interface address: defines an

address in Routing Information Protocol (RIP) and

OSPF that can always be reachable, improving

diagnostic capability

Layer 3 routing

•

Static IP routing: provides manually configured

routing for both IPv4 and IPv6 networks

Security

•

Access control lists (ACLs): provides IP Layer 2

to Layer 4 traffic filtering; supports global ACL,

VLAN ACL, port ACL, and IPv6 ACL

•

Identity-driven security and access control:

– Per-user ACLs: permits or denies user access to

specific network resources based on user identity

and time of day, allowing multiple types of users

on the same network to access specific network

services without risk to network security or

unauthorized access to sensitive data

– Automatic VLAN assignment: automatically

assigns users to the appropriate VLAN based on

their identities

•

Secure management access: securely encrypts

all access methods (CLI, GUI, or MIB) through

SSHv2, SSL, and/or SNMPv3

•

Secure File Transfer Protocol (FTP): allows

secure file transfer to and from the switch; protects

against unwanted file downloads or unauthorized

copying of switch configuration file

•

Guest VLAN: similar to IEEE 802.1X, it provides a

browser-based environment to authenticated clients

•

Port isolation: secures and adds privacy, and

prevents malicious attackers from obtaining user

information

•

STP BPDU port protection: blocks Bridge

Protocol Data Units (BPDUs) on ports that do not

require BPDUs, preventing forged BPDU attacks

•

STP Root Guard: protects root bridge from

malicious attack or configuration mistakes

•

DHCP protection: blocks DHCP packets from

unauthorized DHCP servers, preventing

denial-of-service attacks

•

Dynamic ARP protection: blocks ARP

broadcasts from unauthorized hosts, preventing

eavesdropping or theft of network data

•

IP source guard: helps prevent IP spoofing

attacks

•

Endpoint Admission Defense (EAD): provides

security policies to users accessing a network

•

RADIUS/HWTACACS: eases switch management

security administration by using a password

authentication server

•

Port security: allows access only to specified

MAC addresses, which can be learned or specified

by the administrator

•

MAC-based authentication: allows or denies

access to the switch based on client MAC address